The first way is intentional
a) The request structure should be filled in with the available fields.
You should not use ident to tell if the proxy_auth username should be
filled in or not.
b) The selection between ident or proxy_auth username is done in
redirect.c and access_log.c. The preferred priority is: proxy_auth,
ident, "-".
Having two fields in the redirector and access log is overkill I think,
and have implications on all software making use of these...
/Henrik
Robert Collins wrote:
>
> I've put the equivalent changes into auth_rewrite.Attached is a diff against
> auth_rewrite before and after the change.
> There's one thing that I've done differently: please speak up if that's
> wrong...
>
> In acl.c, the check against overwriting ident should be
>
> if (!checklist->rfc931[0])
> xstrncpy(checklist->request->authuser,
> auth_user->auth_data.basic_auth.username, USER_IDENT_SZ);
>
> instead of
> if (!checklist->request->authuser[0])
> xstrncpy(checklist->request->authuser, user, USER_IDENT_SZ);
>
> because we only have one username field in the standard access.log. Can we
> change this to have two fields without losing any data?
>
> Rob
Received on Thu Nov 09 2000 - 02:23:35 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:12:57 MST